dgit.raspbian.org Git - linux.git/commit

author	Ben Hutchings <ben@decadent.org.uk>
	Fri, 30 Aug 2019 14:54:24 +0000 (15:54 +0100)
committer	Salvatore Bonaccorso <carnil@debian.org>
	Sat, 6 Feb 2021 08:23:52 +0000 (08:23 +0000)
commit	6ceb0da2300e9cffe4733adfb276df0b9f1107a1
tree	f46c048bd3e9f80e9aad7532c0621d67634d2329	tree \| snapshot
parent	a504234f406a1335026ad0eaf0172c41a28c1ad3	commit \| diff

mtd: phram,slram: Disable when the kernel is locked down

Forwarded: https://lore.kernel.org/linux-security-module/20190830154720.eekfjt6c4jzvlbfz@decadent.org.uk/

These drivers allow mapping arbitrary memory ranges as MTD devices.
This should be disabled to preserve the kernel's integrity when it is
locked down.

* Add the HWPARAM flag to the module parameters
* When slram is built-in, it uses __setup() to read kernel parameters,
so add an explicit check security_locked_down() check

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: Matthew Garrett <mjg59@google.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Joern Engel <joern@lazybastard.org>
Cc: linux-mtd@lists.infradead.org
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name mtd-disable-slram-and-phram-when-locked-down.patch

drivers/mtd/devices/phram.c		diff \| blob \| history
drivers/mtd/devices/slram.c		diff \| blob \| history